I am trying to use syslog-ng to monitor some files and push anything added
to the file out to a splunk instance. Everytime syslong-ng starts, there is
a burst of traffic, but nothing after that.
I've run it manually in debug mode to see if there is anything, but I don't
get any output. I'm thinking there is an issue with the config file, but I'm
not sure what the problem might be.
I took the stock config file (as it comes from Ubuntu 10.04.2: syslog-ng
2.0.9-4.2) and added several sources, filters and log directives all going
to one destination:
# Additional sources to monitor IW